CVE-2023-4327 Vulnerability Details

  /     /     /  

CVE-2023-4327 Metadata Quick Info

CVE Published: 15/08/2023 | CVE Updated: 08/10/2024 | CVE Year: 2023
Source: certcc | Vendor: Broadcom | Product: LSI Storage Authority (LSA)
Status : PUBLISHED

CVE-2023-4327 Description

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-522
CWE Name: CWE-522 Insufficiently Protected Credentials
Source: Broadcom

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2023-4327 Vulnerability Details